As of 7/12/08:

Domains not reachable:

- facebook.com (was reachable on 6/29/08)
- icanhascheezburger.com (was previously able to load site without pictures but now totally unreachable)
- uncyclopedia.com
- torproject.org
- dit-inc.us

Domains reachable:

- cnn.com
- bbc.co.uk
- xkcd.com
- wikipedia.org

The combination of Privoxy+Tor is again successful in accessing the blocked sites.
I chose to use this method because of its usability: free, well-integrated into popular browsers, and easy to setup.

However, there are several importants caveats to using tor:

- The network as it exists will not support connections requiring a lot of bandwidth (i.e. bittorrent, massive file transfers, etc.). It will work but it will be extremely slow. I need to stress that such usage will also have a negative impact on other tor users.
- The software is experimental and should not be relied upon for strong anonymity.
- The most reliable source for software and updates (torproject.org) is not reachable without a working copy of Tor.
- Very few entry nodes are reachable. This raises some serious questions about the immediate security and long-term viability of Tor.

In my 80 hours or so logged into a functional circuit, I have seen only three distinct entry nodes. From a security standpoint, it is easy to believe that these entry nodes are planted or otherwise compromised to allow monitoring. Even if the entries are legitimate, it wouldn’t be hard to shutdown the network entirely. I leave this as an exercise to the reader.

There is an interesting paper on timing attacks for any onion router network:
Low-Resource Routing Attacks Against Anonymous Systems by Kevin Bauer, Damon McCoy, Dirk Grunwald, Tadayoshi Kohno, Douglas Sicker
http://www.cs.colorado.edu/department/publications/reports/docs/CU-CS-1025-07.pdf

There are many alternatives to Tor which I will decline to list here. One that I am investigating is FreeGate: dit-inc.us.

I encourage readers to have a plan of action in case Internet access is restricted in their area. What tools do you have immediately available to facilitate a breakout? If you don’t usually encrypt communications (i.e. pgp or some variant), will you want/need to? How many of your contacts will you be able to reach via other means (secure or not)?

Sites that are accessible:

- Gmail over 128bit SSL

- International Google

- myspace.com (not confirmed entirely accessible)

- facebook.com (ssl login okay)

Domains not accessible:

- wordpress.com

- livejournal.com

- meetup.com

- bbc.co.uk

Tools used:

- Vidalia (Tor) and privoxy

- open proxies from proxy.org

Success on all blocked sites with the above combination.

It took a LONG time to grab the list of relays in the Tor network. Given how few entry points there were, I suspect that most of the entry points are blocked. Tor has to find at least one open entry, pull an updated list of relays and then try to build a connection. I would not rely upon this method in the long term. Sad, but true.

Note on open proxies: use as much caution as you would any unfamiliar website. Many open proxies are heavily polluted with ads, pop-ups and worse. Proxies based out of your country may be your best bet.

(The next update may take a while. I only slept 3 hours before my flight and am experiencing just a touch more jetlag than expected. Crashing in 3…2…1…)